Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* crypt/crypt-private.h: Include stdbool.h.
(_ufc_setup_salt_r): Return bool. * crypt/crypt-entry.c: Include errno.h. (__crypt_r): Return NULL with EINVAL for bad salt. * crypt/crypt_util.c (bad_for_salt): New. (_ufc_setup_salt_r): Check that salt is long enough and within the specified alphabet. * crypt/badsalttest.c: New file. * crypt/Makefile (tests): Add it. ($(objpfx)badsalttest): New.
- Loading branch information
Alexandre Oliva
committed
Oct 10, 2012
1 parent
0e3b5d6
commit 4ba74a3
Showing
6 changed files
with
146 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
/* Test program for bad DES salt detection in crypt. | ||
Copyright (C) 2012 Free Software Foundation, Inc. | ||
This file is part of the GNU C Library. | ||
The GNU C Library is free software; you can redistribute it and/or | ||
modify it under the terms of the GNU Lesser General Public | ||
License as published by the Free Software Foundation; either | ||
version 2.1 of the License, or (at your option) any later version. | ||
The GNU C Library is distributed in the hope that it will be useful, | ||
but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
Lesser General Public License for more details. | ||
You should have received a copy of the GNU Lesser General Public | ||
License along with the GNU C Library; if not, see | ||
<http://www.gnu.org/licenses/>. */ | ||
|
||
#include <stdio.h> | ||
#include <unistd.h> | ||
#include <sys/mman.h> | ||
#include <crypt.h> | ||
|
||
static const char *tests[][2] = | ||
{ | ||
{ "no salt", "" }, | ||
{ "single char", "/" }, | ||
{ "first char bad", "!x" }, | ||
{ "second char bad", "Z%" }, | ||
{ "both chars bad", ":@" }, | ||
{ "un$upported algorithm", "$2$" }, | ||
{ "unsupported_algorithm", "_1" }, | ||
{ "end of page", NULL } | ||
}; | ||
|
||
static int | ||
do_test (void) | ||
{ | ||
int result = 0; | ||
struct crypt_data cd; | ||
size_t n = sizeof (tests) / sizeof (*tests); | ||
size_t pagesize = (size_t) sysconf (_SC_PAGESIZE); | ||
char *page; | ||
|
||
/* Check that crypt won't look at the second character if the first | ||
one is invalid. */ | ||
page = mmap (NULL, pagesize * 2, PROT_READ | PROT_WRITE, | ||
MAP_PRIVATE | MAP_ANON, -1, 0); | ||
if (page == MAP_FAILED) | ||
{ | ||
perror ("mmap"); | ||
n--; | ||
} | ||
else | ||
{ | ||
if (mmap (page + pagesize, pagesize, 0, | ||
MAP_PRIVATE | MAP_ANON | MAP_FIXED, | ||
-1, 0) != page + pagesize) | ||
perror ("mmap 2"); | ||
page[pagesize - 1] = '*'; | ||
tests[n - 1][1] = &page[pagesize - 1]; | ||
} | ||
|
||
for (size_t i = 0; i < n; i++) | ||
{ | ||
if (crypt (tests[i][0], tests[i][1])) | ||
{ | ||
result++; | ||
printf ("%s: crypt returned non-NULL with salt \"%s\"\n", | ||
tests[i][0], tests[i][1]); | ||
} | ||
|
||
if (crypt_r (tests[i][0], tests[i][1], &cd)) | ||
{ | ||
result++; | ||
printf ("%s: crypt_r returned non-NULL with salt \"%s\"\n", | ||
tests[i][0], tests[i][1]); | ||
} | ||
} | ||
|
||
return result; | ||
} | ||
|
||
#define TIMEOUT 5 | ||
#define TEST_FUNCTION do_test () | ||
#include "../test-skeleton.c" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters